The Office for the Inspector General for the DHS issued a report today that detailed how FEMA did not appropriately safeguard the personal information of 2.3 million survivors of hurricanes Harvey, Irma, and Maria and the California wildfires in 2017. FEMA provided 20 unnecessary data fields that put the survivors at risk for fraud, spear-phishing, and identity theft. FEMA has stated that they started an investigation into this privacy breach and have deployed cyber security personnel to the contractor’s facilities to determine if this data was exposed in any way through vulnerabilities in their systems.
Source: https://www.bleepingcomputer.com/news/security/fema-data-leak-exposes-personal-info-of-23m-disaster-survivors/